[Dapper] [CVE-2011-1017] [PATCH 1/1] fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017

Brad Figg brad.figg at canonical.com
Tue Apr 26 20:43:49 UTC 2011

On 04/26/2011 01:37 PM, Tim Gardner wrote:
> On 04/26/2011 12:44 PM, Brad Figg wrote:
>> From: Timo Warns<Warns at pre-sense.de>
>> BugLink: http://bugs.launchpad.net/bugs/771382
>> CVE-2011-1017
>> The kernel automatically evaluates partition tables of storage devices.
>> The code for evaluating LDM partitions (in fs/partitions/ldm.c) contains
>> a bug that causes a kernel oops on certain corrupted LDM partitions.
>> A kernel subsystem seems to crash, because, after the oops, the kernel no
>> longer recognizes newly connected storage devices.
>> The patch validates the value of vblk_size.
>> [akpm at linux-foundation.org: coding-style fixes]
>> Signed-off-by: Timo Warns<warns at pre-sense.de>
>> Cc: Eugene Teo<eugeneteo at kernel.sg>
>> Cc: Harvey Harrison<harvey.harrison at gmail.com>
>> Cc: Richard Russon<rich at flatcap.org>
>> Signed-off-by: Andrew Morton<akpm at linux-foundation.org>
>> Signed-off-by: Linus Torvalds<torvalds at linux-foundation.org>
>> (backported from commit c340b1d640001c8c9ecff74f68fd90422ae2448a)
>> Signed-off-by: Brad Figg<brad.figg at canonical.com>
> Where did you find a reference that this patch fixes CVE-2011-1017 ?
> rtg

There was no specific reference. The comments in the commit and the
comments in the CVE reference (http://openwall.com/lists/oss-security/2011/02/24/4)
indicated the same code block. The patch is validating that the size
is correct.

Brad Figg brad.figg at canonical.com http://www.canonical.com
